[rt-users] HTTP and HTTPS on same RT server?
Danie Marais
danie.marais at attix5.com
Tue Feb 26 09:54:20 EST 2008
> -----Original Message-----
> From: Joseph Spenner [mailto:joseph85750 at yahoo.com]
> Sent: 26 February 2008 04:23 PM
> To: Danie Marais; erkdog at fiftypounds.com
> Cc: rt-users at lists.bestpractical.com
> Subject: Re: [rt-users] HTTP and HTTPS on same RT server?
>
> --- Danie Marais <danie.marais at attix5.com> wrote:
>
> > Matt,
> >
> > Maybe I am daft, but the SSL cert sites I looked at
> > listed it at $399 per
> > year. Where can you get $20 certs?
> >
> >
> > > -----Original Message-----
> > > From: rt-users-bounces at lists.bestpractical.com
> > > [mailto:rt-users-bounces at lists.bestpractical.com]
> > On Behalf
> > > Of Matt Westfall
> > > Sent: 26 February 2008 03:56 PM
> > > To: Lutz Jaenicke
> > > Cc: rt-users at lists.bestpractical.com
> > > Subject: Re: [rt-users] HTTP and HTTPS on same RT
> > server?
> > >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > Umm, SSL Certs are $20 a year, lol
> > >
> > >
>
>
> You can generate your own SSL certs for free. The
> only reason you'd want to buy them from Thawt ($150
> ish), or super gold plated Ferrari certificates from
> VeriSign ($900) is if you don't want browsers to
> complain due to an unknown Certificate Authority. If
> your RT systems aren't going to be on the Internet
> and/or you don't care about the warnings, you can
> generate your own certificates using openssl, and set
> them to expire in 50 years.
>
There is a self-signed cert on the box. But we need to give Internet access
to customers and do not want them to get a certificate warning. So they
must either use http or we must have a valid cert. According to
www.thawte.com they ask $249 for a new cert and $199 for a renewal.
First prize for me would still be a http/https combination with customers
using http.
More information about the rt-users
mailing list